[BreachExchange] Genesee County ransomware attack more severe than originally thought

[Destry Winant]

https://www.scmagazine.com/home/security-news/ransomware/genesee-county-ransomware-attack-more-severe-than-originally-thought/

Genesee County, Mich. officials are telling residents the ransomware
attack it suffered has had a larger impact than originally thought and
that many services are not likely to be quickly restored.

The county reported the attack to residents on April 2 on its Facebook
page stating the attackers encrypted some files and demanded a ransom,
which was not paid. At that time the county believed it had limited
the extent of the damage and that its IT team would have most systems
restored by the start of business on April 3 with the remainder coming
online later that day.

This forecast proved overly optimistic and county officials followed
up on April 4 with a second Facebook post.

“The scope of the attack on Genesee County has turned out to be more
extensive than initially thought. While the encryption of data has
occurred, the evidence continues to show that no data has been
released,” was posted.

Genesee is still attempting to assess the scope of the damage
inflicted and warned residents services will be severely restricted
for “some time.” The county believes the attack was limited to
encrypting its files and that no data has been exfiltrated.

The county did not offer any details on what services are currently
unavailable, but its website appears to be functioning normally.